EP2375622A1 - A device and a method for performing a cryptographic function - Google Patents
A device and a method for performing a cryptographic function Download PDFInfo
- Publication number
- EP2375622A1 EP2375622A1 EP10159372A EP10159372A EP2375622A1 EP 2375622 A1 EP2375622 A1 EP 2375622A1 EP 10159372 A EP10159372 A EP 10159372A EP 10159372 A EP10159372 A EP 10159372A EP 2375622 A1 EP2375622 A1 EP 2375622A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- analogue
- digital
- value
- key
- give
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Definitions
- the present invention relates to the domain of encryption and decryption of electronically transmitted information. More particularly, the invention concerns the encryption of digital information under a key to give encrypted digital information and the further decryption by intended recipients of the encrypted digital information.
- the domain of the present invention is the encryption and decryption of digital information, however since the invention involves analogue electronic processing techniques, it is appropriate to include analogue encryption/decryption techniques in the description of the state of the art.
- Analogue encryption techniques are commonly employed in the domain of communications and the domain of telephony for speech encoding purposes.
- the techniques in use involve scrambling either in the time domain or the frequency domain.
- United States Patent 7545929 describes an analogue encryption technique whereby part of the analogue signal to be encrypted is isolated and combined with a modulation signal. The modulation signal is combined with the original analogue signal to give an encrypted analogue signal.
- One of the purposes of the present invention is to provide a novel method and apparatus for realising a digital encryption algorithm in hardware while rendering the reverse engineering of the hardware sufficiently difficult to provide a high level of security compared to present state of the art encryption hardware.
- the invention seeks therefore to minimise the probability of an unintended recipient of information encrypted according to the invention being able to decrypt the information by discovering the encryption key or by otherwise circumventing the encryption algorithm.
- This goal is achieved using a method for performing a cryptographic function on at least one digital first value (XD) under at least one digital second value (KD) to give at least one digital output value (RD), said method comprising the following steps:
- the present invention further provides for a device for performing a cryptographic function according to the method above, on at least one digital first value (XD) using at least one digital second value (KD) to give at least one digital output value (RD), said device comprising:
- An embodiment of the present invention may be deployed in a system for performing a cryptographic function on a first value under a second value to give an encrypted or decrypted output.
- Fig. 1 shows a schematic diagram of part of a system for encrypting (or decrypting) digital information in which an embodiment of the present invention may be deployed.
- the block shown in the schematic diagram takes a digital first value (XD) as input to be encrypted (or decrypted) and a second digital value (KD) as an encryption (or decryption) key and gives an encrypted (or decrypted) digital value (RD) as output.
- XD digital first value
- KD second digital value
- RD encrypted (or decrypted) digital value
- the digital first value (XD) is converted to give an analogue first value (XA) using a first digital to analogue converter (DA1).
- the second digital value (KD) is converted to an analogue key value (KA) using a second digital to analogue converter (DA2).
- An analogue function (F) is applied to the two analogue values to give an analogue result (RA).
- RA analogue to digital converter
- AD analogue to digital converter
- RD encrypted digital output
- the input to be encrypted (XD) may be stored in an input register (X) and the second digital value (KD), in this case representing an encryption key value, may be stored in an encryption key register (K).
- the analogue-to-digital converted result (RD) may be stored in a result register (R). It is worth noting that in practice, the block shown in Fig. 1 may represent only part of a complete encryption system which may further comprise other conditioning circuitry to make up a complete encryption algorithm, much of which will be described hereafter.
- an n-bit digital value can be represented by a set of n states, each state having one of two binary values, namely zero or one. These states can be defined as voltage states or current states for example although other types of states are also possible, such as direction of polarity, frequency value etc.
- the digital to analogue converter (DA1, DA2) should preferably convert values from the digital domain to the analogue domain, the form of such conversion leading to any analogue quantity such as voltage, current, frequency or charge, for example.
- the analogue to digital converter (AD) should convert an analogue quantity such as voltage, current, frequency or charge, for example, to the digital domain represented by voltages or currents for example.
- the analogue function (F) can be any predefined analogue function acting on at least two analogue inputs and giving an analogue output.
- arithmetic functions involving addition, subtraction, multiplication or log functions or any combination thereof may be used.
- the digital values are represented by voltage states and the digital to analogue converters convert from the digital voltage domain to the analogue current domain.
- the realisation of addition functions is straightforward using circuits working in the current domain.
- frequency multiplying circuits are readily available as well as other types of mixing circuits to realise different mathematical functions.
- the digital first value (XD) may be derived from all or part of an input value (XIN) using a first pre-processing stage (PREX).
- PREX pre-processing
- Such pre-processing (PREX) may be based on a variety of functions such as addition of a predetermined value to the input value (XIN) or subtraction of a predetermined value from the input value (XIN), truncation or rotation of the input value (XIN) or any arbitrary logical function which can give a digital first value (XD) based on all or part of the key value (XIN).
- the digital second value (KD) may be derived from all or part of a key value (KIN) using a second pre-processing stage (PREK).
- PREK pre-processing
- Such pre-processing (PREK) may be based on a variety of functions such as addition of a predetermined value to the key value (KIN) or subtraction of a predetermined value from the key value (KIN), truncation or rotation of the key value (KIN) or any arbitrary logical function which can give a digital second value (KD) based on all or part of the key value (KIN).
- the output (RD) may be subject to a post-processing stage (POST) to give a post-processed output (RPD).
- POST post-processing stage
- either of the pre-processing activities described above may further include some form of truncation for example, or a subdivision of the input value (XIN) or the key value (KIN) in order for the encryption procedure to be carried out in a plurality of iterations or in a plurality of simultaneous parallel branches.
- the first pre-processing stage (PREX) may involve more complex logic and may even entail the use of an encryption (or decryption key).
- the key may be the digital second value (KD) or any other derivative of the key value (KIN).
- Fig. 4 illustrates an example of this, wherein the first pre-processing stage (PREX) applied to the input value (XIN) uses a pre-processing key value (KPRE) which is derived from the key value (KIN).
- the pre-processing key value (KPRE) may or may not have the same value as the digital second value (KD). Indeed, further keys may be derived as shown in Fig.
- KPOST post-processing key value
- KPOST post-processing key value
- KPRE pre-processing key value
- KPOST post-processing key value
- KD second digital value
- KPRE pre-processing key value
- KPOST post-processing key value
- a complete encryption algorithm which is realisable in digital hardware may be broken down into a plurality of sub-algorithms in order for at least one of the sub-algorithms to be realised as an analogue function using analogue hardware. In this way the goal of rendering difficult the reverse-engineering of the circuit for the purpose of building a software emulator or any other kind of emulator is met.
- each step at the input would correspond to a difference of x/n volts at the output.
- a change of y/m volts at the input would lead to a unit change, or step, at the output.
- a 16-bit converter with a range of 2V this would give a step size of around 30uV.
- a further error may be introduced in the analogue function due to such factors as electrical noise, supply variations or simply by the analogue function itself having a cumulative or multiplicative effect for example on the errors produced by the converters.
- the chain had two digital to analogue converters and the analogue function is a multiplication of the two outputs of the digital to analogue converters, then the errors from both digital to analogue converters would also be multiplied at the output of the analogue function.
- the analogue function is divided into a plurality of analogue sub-functions.
- the analogue sub-functions are chosen such that they may be combined to realise the analogue function.
- Each analogue sub-function receives at least two inputs, namely a first operand and a second operand, via digital to analogue converters and the output from the sub-function goes to an analogue to digital converters to give a sub-solution.
- the step size and tolerance of the converter, and therefore the optimum number of bits (b), are chosen such that the overall tolerance of the chain including the digital to analogue converters, the sub-function and the analogue to digital converter leads to a deterministic sub-solution for given first and second operands.
- a plurality of the above mentioned chains are implemented with a view to realising the chosen analogue function.
- the digital first value is divided into a plurality of b-bit partial digital first values - these are the first operands mentioned above, while the key value is divided into a plurality of b-bit partial key values - these are the second operands mentioned above.
- each partial digital first value and partial digital second value through each of the chains yields a plurality of partial results or sub-solutions as mentioned above.
- the partial results are then combined, either in the digital domain or in the analogue domain, to give a solution to the analogue function.
- the analogue function is used to realise the chosen part of the overall encryption algorithm.
- both the digital second value (KD) and the digital first value (XD) are divided into a plurality of partial digital first values (XD1, XD2) and partial digital second values (KD1, KD2).
- the example shows the digital first value and the key value each being divided into two parts; however it should be appreciated that both values may each be divided into any desired number of parts.
- Each partial digital first value is converted to a partial analogue first value (XA1, XA2) and each partial digital second value is converted to a partial analogue key value (KA1, KA2).
- a plurality of analogue sub-function blocks (SF1, SF2) perform analogue functions on a pair of one from the plurality of partial analogue first values and one from the plurality of analogue key values giving a plurality of partial analogue results (RAP1, RAP2).
- the partial analogue results are converted to a plurality of partial digital results (RDP1 RDP2) using a plurality of analogue to digital converters (AD1, AD2) and the plurality of partial digital results are combined using a predetermined digital combining function (CD) to give the encrypted (or decrypted) digital output value (RD).
- the combination of the partial digital results yields the same digital output value as would have been achieved had the digital first value (XD) and the digital second value (KD) been processed using the analog function (F) as previously described.
- the predetermined digital combining function may further include the use of the post-processing key value (POST) or any other predetermined key.
- the partial analogue results RAP1, RAP2 can be combined in the analogue domain using an analogue combing function (CA) to give an analogue result (RA) before applying the analogue to digital conversion (AD) leading to the encrypted (or decrypted) digital output value (RD). This is illustrated in Fig. 6 .
- the analogue combining function may or may not use an encryption key, such as the analogue encryption key (KA) for example.
- an encryption key such as the analogue encryption key (KA) for example.
- the treatment of the partial digital first values and partial digital second values may be done in serial fashion or using a pipelined organisation rather than the parallel architecture described above.
- the encrypted output value undergoes a further round, or a plurality of further rounds of encryption.
- the decision as to how many rounds should be made is based on a trade-off between the speed or performance required and the complexity of the resulting encryption algorithm.
- each round of encryption does not necessarily have to use the same encryption key.
- the encrypted digital output value (RD) (or the post-processed output value (RPD)) can be fed back to the input to become a new digital first value (XD) (or a new input value XIN) or a further block of hardware can be cascaded onto the output of the first block.
- the further rounds can be achieved in the analogue domain whereby the partial analogue results undergo further processing through analogue sub-functions.
- Fig. 7 illustrates how decryption of a value encrypted using a function F is achieved according to an embodiment of the present invention.
- the encrypted value (RD) is converted to an analogue value using the digital to analogue converter (DA1).
- a decryption key (KD) is converted from the digital domain to the analogue domain using the digital to analogue converter (DA2).
- the two analogue values (RA, KDA) are combined using a decrypting analogue function (F -1 ).
- the result of the decrypting analogue function (XA) is converted from the analogue domain to the digital domain using analogue to digital converter (AD) to give the decrypted value (XD).
- the decryption key may be used to derive a decryption sub-key (KSD).
- the decryption key is the same as the encryption key and the decrypting function is the inverse of the encrypting function.
- the decryption key is different from the encryption key while the encryption function is the same as the decryption function.
- the decryption may be done in a plurality of blocks treating a reduced number of bits, with the key being divided into a plurality of shorter keys and the encrypted value being divided into a plurality of shorter encrypted values to be treated by a plurality of analogue functions with the partial results being combined either in the analogue domain or the digital domain.
Abstract
The present invention provides a method and an apparatus for encrypting and decrypting digital information while imparting a high level of security on the encrypted digital information. A mixed-mode digital-analogue encryption and decryption technique is proposed, which minimises the probability of an unintended recipient of the thus encrypted information being able to decrypt the information using known reverse engineering techniques.
Description
- The present invention relates to the domain of encryption and decryption of electronically transmitted information. More particularly, the invention concerns the encryption of digital information under a key to give encrypted digital information and the further decryption by intended recipients of the encrypted digital information.
- The encryption and decryption of digital electronic information is commonplace nowadays and can be readily found in the fields of banking, software protection, data protection, digital rights management, telecommunications, where the transmission of sensitive information is to be secured, and in broadcasting, especially where such broadcasting involves the transmission of high value content.
- Most cryptographic algorithms use key agreement protocols, where a sender and a recipient of encrypted information agree on a key. Keys can be symmetric, where the same key is used to encrypt and to decrypt. Symmetric key technology also covers the use different keys which related in an easily computable way. In asymmetric key technology on the other hand, a public key is used to encrypt and a private key, different from the public key, to decrypt. Such algorithms are described in Standards such as DES, RSA or the Diffie-Hellman Key Exchange Protocol for example or any other standard such as the Advanced Encryption Standard (AES), as recommended by the National Institute for Standards and Technology (NIST). The strength of the encryption used in these types of algorithms depends somewhat on which particular algorithm is used and on the length and type of key which is used and is subject to the keys being kept secret.
- As mentioned in the Introduction, the domain of the present invention is the encryption and decryption of digital information, however since the invention involves analogue electronic processing techniques, it is appropriate to include analogue encryption/decryption techniques in the description of the state of the art.
- Analogue encryption techniques are commonly employed in the domain of communications and the domain of telephony for speech encoding purposes. The techniques in use involve scrambling either in the time domain or the frequency domain.
- Instead of scrambling, other techniques are also used in analogue encryption. For example, United States Patent
7545929 describes an analogue encryption technique whereby part of the analogue signal to be encrypted is isolated and combined with a modulation signal. The modulation signal is combined with the original analogue signal to give an encrypted analogue signal. - Mixed-mode encryption techniques exist wherein an analogue signal is first sampled and converted to the digital domain before carrying out the encryption in the digital domain and optionally re-converting the result to the analogue domain. United States Patent Application
2001/0021252 describes a widely accepted approach to encrypting telephone communications whereby an analogue input signal is converted to a digital input signal, the digital input signal is encrypted under a digital key and the resulting encrypted digital input signal is re-converted to an analogue output signal representative of the analogue input signal. - International Patent Application
W02007/120006 describes a mixed-mode method and apparatus for voice signal encryption/decryption for securing a real-time voice communication. The analogue voice signal is converted to a digital voice signal and then encrypted/scrambled using known means. The voice signal being sampled in real time, or a delayed version of it, is added to the encrypted/scrambled voice signal. - Thus state of the art encryption techniques allow for digital information to be encrypted and decrypted using industry standard key agreement algorithms or for analogue information to be converted to digital information which can then be encrypted and decrypted using these same industry standard techniques. State of the art encryption techniques for analogue information also exist but the encryption thus afforded by such techniques is generally considered to be less secure than with digital encryption.
- In the domain of electronic cryptography it is possible for a third party to reverse-engineer an encryption algorithm which has been implemented in digital hardware and to build an emulation of that algorithm, usually in software, which may be used to circumvent the hardware encryption algorithm thus allowing the third party to have access to information which has been encrypted using the encryption algorithm. One of the purposes of the present invention is to provide a novel method and apparatus for realising a digital encryption algorithm in hardware while rendering the reverse engineering of the hardware sufficiently difficult to provide a high level of security compared to present state of the art encryption hardware.
- The invention seeks therefore to minimise the probability of an unintended recipient of information encrypted according to the invention being able to decrypt the information by discovering the encryption key or by otherwise circumventing the encryption algorithm. This goal is achieved using a method for performing a cryptographic function on at least one digital first value (XD) under at least one digital second value (KD) to give at least one digital output value (RD), said method comprising the following steps:
- a) converting the at least one digital first value (XD) into at least one analogue first value (XA),
- b) converting the at least one digital second value (KD) into at least one analogue key value (KA),
- c) performing an analogue function (F) on the at least one analogue first value (XA) and the at least one analogue key value (KA) to give at least one analogue output value (RA), and
- d) converting the analogue output value (RA) to give the digital output value (RD).
- The present invention further provides for a device for performing a cryptographic function according to the method above, on at least one digital first value (XD) using at least one digital second value (KD) to give at least one digital output value (RD), said device comprising:
- means to convert the at least one digital first value (XD) into at least one analogue first value (XA),
- means to convert the at least one digital second value (KSD) into at least one analogue key value (KA),
- means to perform an analogue function (F) on said analogue first value and said analogue key value to give an analogue result (RA) and
- means to convert said analogue result into a digital value to give said digital output value (RD).
- The problem of preventing a third party from being able to build a software emulator of a cryptographic function which has been realised in digital hardware is therefore solved by providing mixed digital and analogue hardware techniques to make encryption and decryption algorithms.
- The present invention will be better understood thanks to the detailed description which follows and the accompanying drawings, which are given as non-limiting examples of embodiments of the invention, namely:
-
Fig. 1 showing a block diagram of part of a cryptographic system in which an embodiment of the present invention may be deployed. -
Figs. 2 to 6 showing alternative embodiments of parts of the cryptographic system described inFig. 1 . -
Fig. 7 showing a block diagram of part of a decryption system in which an embodiment of the present invention may be deployed. - An embodiment of the present invention may be deployed in a system for performing a cryptographic function on a first value under a second value to give an encrypted or decrypted output.
-
Fig. 1 shows a schematic diagram of part of a system for encrypting (or decrypting) digital information in which an embodiment of the present invention may be deployed. The block shown in the schematic diagram takes a digital first value (XD) as input to be encrypted (or decrypted) and a second digital value (KD) as an encryption (or decryption) key and gives an encrypted (or decrypted) digital value (RD) as output. - According to an embodiment of the present invention, the digital first value (XD) is converted to give an analogue first value (XA) using a first digital to analogue converter (DA1). Similarly, the second digital value (KD) is converted to an analogue key value (KA) using a second digital to analogue converter (DA2). An analogue function (F) is applied to the two analogue values to give an analogue result (RA). Using an analogue to digital converter (AD), the analogue result (RA) is converted to a digital value thus giving an encrypted digital output (RD) representing the encryption of the digital first value at the input (XD). As shown in
Fig. 1 , the input to be encrypted (XD) may be stored in an input register (X) and the second digital value (KD), in this case representing an encryption key value, may be stored in an encryption key register (K). Similarly, the analogue-to-digital converted result (RD) may be stored in a result register (R). It is worth noting that in practice, the block shown inFig. 1 may represent only part of a complete encryption system which may further comprise other conditioning circuitry to make up a complete encryption algorithm, much of which will be described hereafter. - As is well known in digital electronics, an n-bit digital value can be represented by a set of n states, each state having one of two binary values, namely zero or one. These states can be defined as voltage states or current states for example although other types of states are also possible, such as direction of polarity, frequency value etc. The digital to analogue converter (DA1, DA2) should preferably convert values from the digital domain to the analogue domain, the form of such conversion leading to any analogue quantity such as voltage, current, frequency or charge, for example. Similarly, the analogue to digital converter (AD) should convert an analogue quantity such as voltage, current, frequency or charge, for example, to the digital domain represented by voltages or currents for example.
- The analogue function (F) can be any predefined analogue function acting on at least two analogue inputs and giving an analogue output. For example, arithmetic functions involving addition, subtraction, multiplication or log functions or any combination thereof may be used. In an embodiment of the present invention it is convenient to use a switched capacitor circuit to realise an arithmetic function in the case where the analogue values are represented as charge. Indeed the practice of realising division functions or addition functions is well known to people skilled in the art of switched capacitor circuit design. In another embodiment of the present invention, the digital values are represented by voltage states and the digital to analogue converters convert from the digital voltage domain to the analogue current domain. As is well known to people skilled in the art, the realisation of addition functions is straightforward using circuits working in the current domain. Similarly, in the frequency domain, frequency multiplying circuits are readily available as well as other types of mixing circuits to realise different mathematical functions.
- Using the basic building blocks which are available to realise basic arithmetical or mathematical functions in analogue electronic circuitry as described above, it is further possible to build analogue circuits to realise more complex mathematical functions involving polynomial functions including functions involving raising an operand to the power of two or to the power of three etc. Any of the aforementioned mathematical functions can be used to realise the analogue function (F) of the present invention.
- According to another embodiment of the present invention, shown in
Fig. 2 , the digital first value (XD) may be derived from all or part of an input value (XIN) using a first pre-processing stage (PREX). Such pre-processing (PREX) may be based on a variety of functions such as addition of a predetermined value to the input value (XIN) or subtraction of a predetermined value from the input value (XIN), truncation or rotation of the input value (XIN) or any arbitrary logical function which can give a digital first value (XD) based on all or part of the key value (XIN). - According to yet a further embodiment of the present invention, shown in
Fig. 3 , the digital second value (KD) may be derived from all or part of a key value (KIN) using a second pre-processing stage (PREK). Such pre-processing (PREK) may be based on a variety of functions such as addition of a predetermined value to the key value (KIN) or subtraction of a predetermined value from the key value (KIN), truncation or rotation of the key value (KIN) or any arbitrary logical function which can give a digital second value (KD) based on all or part of the key value (KIN). Furthermore, as shown inFig. 3 , on the output side the output (RD) may be subject to a post-processing stage (POST) to give a post-processed output (RPD). - According to a preferred embodiment of the present invention either of the pre-processing activities described above may further include some form of truncation for example, or a subdivision of the input value (XIN) or the key value (KIN) in order for the encryption procedure to be carried out in a plurality of iterations or in a plurality of simultaneous parallel branches.
- It is worth noting that the first pre-processing stage (PREX) may involve more complex logic and may even entail the use of an encryption (or decryption key). Indeed the key may be the digital second value (KD) or any other derivative of the key value (KIN).
Fig. 4 illustrates an example of this, wherein the first pre-processing stage (PREX) applied to the input value (XIN) uses a pre-processing key value (KPRE) which is derived from the key value (KIN). The pre-processing key value (KPRE) may or may not have the same value as the digital second value (KD). Indeed, further keys may be derived as shown inFig. 4 - for example a post-processing key value (KPOST) which may be used as a further input, perhaps functioning as an encryption key (or decryption key) in the post-processing stage (POST). It is worth noting that although the figure shows the digital second value, the pre-processing key value (KPRE) and the post-processing key value (KPOST) as being derived from the same key value (KIN), each of these keys may be completely independent. By the same token, the second digital value (KD), the pre-processing key value (KPRE) and the post-processing key value (KPOST) may indeed be the same. - Seen in more general terms, a complete encryption algorithm which is realisable in digital hardware may be broken down into a plurality of sub-algorithms in order for at least one of the sub-algorithms to be realised as an analogue function using analogue hardware. In this way the goal of rendering difficult the reverse-engineering of the circuit for the purpose of building a software emulator or any other kind of emulator is met.
- In an embedment of the present invention, care is taken to ensure the repeatability of the encryption. In an n-bit digital to analogue converter with a range of x volts, each step at the input would correspond to a difference of x/n volts at the output. Conversely, for an m-bit analogue to digital converter with an input range of y volts, a change of y/m volts at the input would lead to a unit change, or step, at the output. For a 16-bit converter with a range of 2V this would give a step size of around 30uV. As can be appreciated by those skilled in the art of digital to analogue and analogue to digital conversion, such converters are susceptible to a certain amount of error due to such factors as temperature variation, supply voltage or reference voltage variation, electrical noise, conversion speed etc. If the error value is comparable in size to a step size of a converter, then in a system where a digital input is converted to an analogue value and then to a digital output there can be no guarantee that a certain digital input will always lead to the same digital output, since the digital output will vary depending on the errors within the system.
- Furthermore, in a chain comprising at least one digital to analogue converter followed by an analogue function followed by an analogue to digital converter, as well as the possibility for error mentioned above, a further error may be introduced in the analogue function due to such factors as electrical noise, supply variations or simply by the analogue function itself having a cumulative or multiplicative effect for example on the errors produced by the converters. For example if the chain had two digital to analogue converters and the analogue function is a multiplication of the two outputs of the digital to analogue converters, then the errors from both digital to analogue converters would also be multiplied at the output of the analogue function.
- It is well known in the domain of cryptography that in order to maintain a reasonable level of security for an encryption algorithm realised in digital electronic hardware, the number of bits used to represent the encryption key must be kept reasonably high. On the other hand, as can be seen in the above discussion, if the encryption algorithm, or at least part of the algorithm, were to be realised as an analogue function, then repeatability of such a system is compromised if the number of bits used leads to step sizes which are comparable to the size of the errors inherent in the converters and/or in the analogue function. In other words, the more bits which are used, the less chance there is in being able to build a deterministic system which will yield repeatable results.
- In order to circumvent this problem, according to an embodiment of the present invention in which an analogue function is to replicate a part of an encryption algorithm, the analogue function is divided into a plurality of analogue sub-functions. The analogue sub-functions are chosen such that they may be combined to realise the analogue function. Each analogue sub-function receives at least two inputs, namely a first operand and a second operand, via digital to analogue converters and the output from the sub-function goes to an analogue to digital converters to give a sub-solution. The step size and tolerance of the converter, and therefore the optimum number of bits (b), are chosen such that the overall tolerance of the chain including the digital to analogue converters, the sub-function and the analogue to digital converter leads to a deterministic sub-solution for given first and second operands. A plurality of the above mentioned chains are implemented with a view to realising the chosen analogue function. The digital first value is divided into a plurality of b-bit partial digital first values - these are the first operands mentioned above, while the key value is divided into a plurality of b-bit partial key values - these are the second operands mentioned above. The processing of each partial digital first value and partial digital second value through each of the chains yields a plurality of partial results or sub-solutions as mentioned above. The partial results are then combined, either in the digital domain or in the analogue domain, to give a solution to the analogue function. The analogue function is used to realise the chosen part of the overall encryption algorithm.
- This is illustrated in
Fig. 5 where both the digital second value (KD) and the digital first value (XD) are divided into a plurality of partial digital first values (XD1, XD2) and partial digital second values (KD1, KD2). The example shows the digital first value and the key value each being divided into two parts; however it should be appreciated that both values may each be divided into any desired number of parts. Each partial digital first value is converted to a partial analogue first value (XA1, XA2) and each partial digital second value is converted to a partial analogue key value (KA1, KA2). A plurality of analogue sub-function blocks (SF1, SF2) perform analogue functions on a pair of one from the plurality of partial analogue first values and one from the plurality of analogue key values giving a plurality of partial analogue results (RAP1, RAP2). The partial analogue results are converted to a plurality of partial digital results (RDP1 RDP2) using a plurality of analogue to digital converters (AD1, AD2) and the plurality of partial digital results are combined using a predetermined digital combining function (CD) to give the encrypted (or decrypted) digital output value (RD). The combination of the partial digital results yields the same digital output value as would have been achieved had the digital first value (XD) and the digital second value (KD) been processed using the analog function (F) as previously described. It is worth noting that the predetermined digital combining function (CD) may further include the use of the post-processing key value (POST) or any other predetermined key. Alternatively, the partial analogue results (RAP1, RAP2) can be combined in the analogue domain using an analogue combing function (CA) to give an analogue result (RA) before applying the analogue to digital conversion (AD) leading to the encrypted (or decrypted) digital output value (RD). This is illustrated inFig. 6 . The analogue combining function (CA) may or may not use an encryption key, such as the analogue encryption key (KA) for example. In other embodiments of the present invention, the treatment of the partial digital first values and partial digital second values may be done in serial fashion or using a pipelined organisation rather than the parallel architecture described above. - In another embodiment of the present invention, in order to further diversify the result of the encryption, the encrypted output value undergoes a further round, or a plurality of further rounds of encryption. The decision as to how many rounds should be made is based on a trade-off between the speed or performance required and the complexity of the resulting encryption algorithm. Furthermore, each round of encryption does not necessarily have to use the same encryption key. To realise a further round of encryption, the encrypted digital output value (RD) (or the post-processed output value (RPD)) can be fed back to the input to become a new digital first value (XD) (or a new input value XIN) or a further block of hardware can be cascaded onto the output of the first block. Alternatively the further rounds can be achieved in the analogue domain whereby the partial analogue results undergo further processing through analogue sub-functions.
-
Fig. 7 illustrates how decryption of a value encrypted using a function F is achieved according to an embodiment of the present invention. The encrypted value (RD) is converted to an analogue value using the digital to analogue converter (DA1). Similarly a decryption key (KD) is converted from the digital domain to the analogue domain using the digital to analogue converter (DA2). The two analogue values (RA, KDA) are combined using a decrypting analogue function (F-1). The result of the decrypting analogue function (XA) is converted from the analogue domain to the digital domain using analogue to digital converter (AD) to give the decrypted value (XD). As in the case of encryption, the decryption key (KD) may be used to derive a decryption sub-key (KSD). In one embodiment of the present invention the decryption key is the same as the encryption key and the decrypting function is the inverse of the encrypting function. In another embodiment the decryption key is different from the encryption key while the encryption function is the same as the decryption function. As described in the encryption part, the decryption may be done in a plurality of blocks treating a reduced number of bits, with the key being divided into a plurality of shorter keys and the encrypted value being divided into a plurality of shorter encrypted values to be treated by a plurality of analogue functions with the partial results being combined either in the analogue domain or the digital domain. - The techniques contributing to the achievement of a deterministic encryption system as described above, namely the division of digital values into a plurality of smaller parts may also be applied to the decryption system. Similarly the use of a plurality of rounds may be applied to the decryption system.
Claims (15)
- A method for performing a cryptographic function on at least one digital first value (XD) using at least one digital second value (KD) to give at least one digital output value (RD), said method comprising the following steps:a) converting the at least one digital first value (XD) into at least one analogue first value (XA),b) converting the at least one digital second value (KD) into at least one analogue key value (KA),c) performing an analogue function (F) on the at least one analogue first value (XA) and the at least one analogue key value (KA) to give at least one analogue output value (RA), andd) converting the analogue output value (RA) to give the digital output value (RD).
- The method according to claim 1, wherein said at least one digital first value (XD) results from a first pre-processing activity (PREX) carried out on at least all or part of an input value (XIN).
- The method according to either of claims 1 or 2, wherein said at least one digital second value results from a second pre-processing activity (PREK) carried out on at least all or part of a key value (KIN).
- The method according to claim 3, wherein said second pre-processing activity (PREK) further generates a pre-processing key value (KPRE).
- The method according to either of claims 3 or 4, wherein said first pre-processing activity (PREX) further acts upon the pre-processing key value (KPRE).
- The method according to any of claims 1 to 5, wherein at least all or part of said digital output value (RD) is subjected to a post-processing activity (POST) to give a post-processed digital output value (RPD).
- The method according to any of claims 3 to 6, wherein said second pre-processing activity (PREK) further generates a post-processing key value (KPOST).
- The method according to claim 7, wherein said post-processing activity (POST) further acts upon the post-processing key value (KPOST).
- The method according to any of claims 3 to 8, wherein any of said first pre-processing activity (PREX) or second pre-processing activity (PREK) involves generating a plurality of digital first values (XD1, XD2) or second digital values (KD1, KD2) and wherein the plurality of digital first values (XD1, XD2) are converted to a plurality of analogue first values (XA1, XA2) and the plurality of digital second values (KD1, KD2) are converted to a plurality of analogue key values (KA1, KA2).
- The method according to any of claims 1 to 9, wherein said analogue function (F) is divided into a plurality of analogue sub-functions (SF1, SF2, CA), at least two of said analogue sub-functions (SF1, SF2, CA) acting upon at least one of said at least one analogue first values (XA1, XA2) and at least one of said at least one analogue key values (KA1, KA2) to give a plurality of partial analogue results (RAP1; RAP2), said plurality of partial analogue results (RAP1, RAP2) being subjected to a combining sub-function (CA) in order to yield the analogue output value (RA).
- The method according to any of claims 1 to 9, wherein said analogue function (F) is divided into a plurality of analogue sub-functions (SF1, SF2), each of said analogue sub-functions (SF1, SF2) acting upon at least one of said at least one analogue first values (XA1, XA2) and at least one of said at least one analogue key values (KA1, KA2) to give a plurality of partial analogue results (RAP1; RAP2), said plurality of partial analogue results (RAP1, RAP2) being converted to a plurality of partial digital results (RDP1, RDP2), said plurality of partial digital results (RDP1, RDP2) being combined (CD) to yield the digital output value (RD).
- The method according to any of claims 1 to 11, wherein said conversion of the at least one digital first value or the at least one digital second value converts from a selection of voltage to current, voltage to charge, or voltage to frequency and said conversion of the analogue output value converts between a selection of current to voltage, charge to voltage or frequency to voltage.
- The method according to any of claims 3 to 12, wherein any of said input value (XIN) or said key value (KIN) comprises n bits or m bits respectively and any of said digital first value (XD, XD1, XD2) or said digital key value (KD, KD1, KD2) comprises a number of bits which is less than n or m respectively.
- The method according to any of claims 1 to 13, wherein the digital output value (RD) or the post-processed digital output value (RPD) is further processed at least once by the cryptographic function of any of claims 1 to 13.
- A device for performing a cryptographic function on at least one digital first value (XD) using at least one digital second value (KD) to give at least one digital output value (RD), said device comprising:at least one first digital to analogue converter (DA1) to convert the at least one digital first value (XD) into at least one analogue first value (XA),at least one second digital to analogue converter (DA2) to convert the at least one digital second value (KSD) into at least one analogue key value (KA),hardware suitable for realising an analogue function (F) acting on said analogue first value (XA) and said analogue key value (KA) to give an analogue result (RA) andat least one analogue to digital converter (AD) to convert said analogue result (RA) into a digital value to give said digital output value (RD).
Priority Applications (13)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP10159372A EP2375622A1 (en) | 2010-04-08 | 2010-04-08 | A device and a method for performing a cryptographic function |
AU2011201232A AU2011201232B2 (en) | 2010-04-08 | 2011-03-18 | A device and a method for performing a cryptographic function |
CA2734929A CA2734929C (en) | 2010-04-08 | 2011-03-23 | A device and a method for performing a cryptographic function |
TW100110794A TWI523436B (en) | 2010-04-08 | 2011-03-29 | A device and a method for performing a cryptographic function |
EP11160568.9A EP2375623B1 (en) | 2010-04-08 | 2011-03-31 | A device and a method for performing a digital cryptographic function |
US13/077,195 US8355500B2 (en) | 2010-04-08 | 2011-03-31 | Device and a method for performing a cryptographic function |
BRPI1101873-9A BRPI1101873B1 (en) | 2010-04-08 | 2011-04-01 | DEVICE AND METHOD FOR EXECUTING A CRYPTOGRAPHIC FUNCTION |
JP2011084293A JP5778459B2 (en) | 2010-04-08 | 2011-04-06 | Apparatus and method for performing cryptographic functions |
CN201110093716.7A CN102215105B (en) | 2010-04-08 | 2011-04-06 | A device and a method for performing a cryptographic function |
RU2011113233/07A RU2011113233A (en) | 2010-04-08 | 2011-04-07 | METHOD AND DEVICE FOR PERFORMANCE OF DIGITAL CRYPTOGRAPHIC FUNCTION |
MX2011003868A MX2011003868A (en) | 2010-04-08 | 2011-04-08 | A device and a method for performing a cryptographic function. |
KR1020110032695A KR101845554B1 (en) | 2010-04-08 | 2011-04-08 | A device and a method for performing a cryptographic function |
HK11112639.9A HK1158409A1 (en) | 2010-04-08 | 2011-11-22 | A device and a method for performing a digital cryptographic function |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP10159372A EP2375622A1 (en) | 2010-04-08 | 2010-04-08 | A device and a method for performing a cryptographic function |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2375622A1 true EP2375622A1 (en) | 2011-10-12 |
Family
ID=42630274
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP10159372A Withdrawn EP2375622A1 (en) | 2010-04-08 | 2010-04-08 | A device and a method for performing a cryptographic function |
EP11160568.9A Active EP2375623B1 (en) | 2010-04-08 | 2011-03-31 | A device and a method for performing a digital cryptographic function |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP11160568.9A Active EP2375623B1 (en) | 2010-04-08 | 2011-03-31 | A device and a method for performing a digital cryptographic function |
Country Status (11)
Country | Link |
---|---|
US (1) | US8355500B2 (en) |
EP (2) | EP2375622A1 (en) |
JP (1) | JP5778459B2 (en) |
KR (1) | KR101845554B1 (en) |
CN (1) | CN102215105B (en) |
AU (1) | AU2011201232B2 (en) |
CA (1) | CA2734929C (en) |
HK (1) | HK1158409A1 (en) |
MX (1) | MX2011003868A (en) |
RU (1) | RU2011113233A (en) |
TW (1) | TWI523436B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104636509B (en) * | 2013-11-08 | 2019-05-28 | 恩智浦美国有限公司 | The system and method for sequence problem is verified in Gate Level Simulation |
US11450379B2 (en) | 2020-12-10 | 2022-09-20 | Micron Technology, Inc. | Ultra-compact page buffer |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20010021252A1 (en) | 1998-10-28 | 2001-09-13 | L-3 Communications Corporation | Encryption and authentication methods and apparatus for securing telephone communications |
WO2007120006A1 (en) | 2006-04-18 | 2007-10-25 | Prestige Corp. | Method and apparatus for voice signal encryption/decryption |
US7545929B1 (en) | 2002-10-25 | 2009-06-09 | Lockheed Martin Corporation | Analog encryption |
US7647615B1 (en) * | 1998-05-04 | 2010-01-12 | Motorola, Inc. | Method and system for distributing digital audio and video to an analog wireless device |
Family Cites Families (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5218621A (en) * | 1991-04-04 | 1993-06-08 | Motorola, Inc. | Adaptive digital equalization filter |
US5822360A (en) * | 1995-09-06 | 1998-10-13 | Solana Technology Development Corporation | Method and apparatus for transporting auxiliary data in audio signals |
JP2980576B2 (en) * | 1997-09-12 | 1999-11-22 | 株式会社東芝 | Physical random number generating apparatus and method, and physical random number recording medium |
US20030118186A1 (en) * | 1997-10-30 | 2003-06-26 | Gilley James E. | Apparatus for and method for cipher check of an analog scrambler |
US20030121043A1 (en) * | 1998-05-04 | 2003-06-26 | Juergen Reinold | Method and system for broadcasting digital audio and video to an analog wireless device |
US6498851B1 (en) * | 1998-11-25 | 2002-12-24 | Sandisk Corporation | Data encryption and signal scrambling using programmable data conversion arrays |
JP2000310942A (en) * | 1999-02-25 | 2000-11-07 | Yazaki Corp | Pseudo-random number generator, stream ciphering method and stream cipher communication method |
JP2002261736A (en) * | 2001-02-27 | 2002-09-13 | Kepusutoramu:Kk | Signal scrambling/descrambling method and apparatus and privacy call method using the same |
US20030001981A1 (en) * | 2001-05-21 | 2003-01-02 | Sony Corporation | Modular digital television architecture |
JP2003216037A (en) * | 2001-11-16 | 2003-07-30 | Yazaki Corp | Cipher key, enciphering device, enciphering/deciphering device, cipher key management device, and deciphering device |
AU2003269555A1 (en) * | 2002-10-16 | 2004-05-04 | Mazetech Co., Ltd. | Encryption processing method and device of a voice signal |
US6946981B1 (en) * | 2003-12-29 | 2005-09-20 | Intel Corporation | Transmitter and method thereon |
KR100630694B1 (en) * | 2004-08-03 | 2006-10-02 | 삼성전자주식회사 | Memory device having single bit bus structure with current mode signaling |
JP4461224B2 (en) * | 2004-09-08 | 2010-05-12 | 学校法人玉川学園 | Cryptographic transmitter |
CN1633068B (en) * | 2004-12-31 | 2010-10-06 | 北京中星微电子有限公司 | A method of media stream transmission in point-to-point communication |
US20080025504A1 (en) * | 2005-11-23 | 2008-01-31 | Robert Rapp | Computer or digital device data encryption/decryption performed by using a random analog source |
CN1852089B (en) * | 2005-12-31 | 2012-01-18 | 华中科技大学 | System and method for generating analog-digital mixed chaos signals |
JP2007273030A (en) * | 2006-03-31 | 2007-10-18 | Toshiba Samsung Storage Technology Corp | Device and method for generating random number data in optical disk device |
JP4860708B2 (en) * | 2006-12-27 | 2012-01-25 | 富士通株式会社 | Stream cipher method and cipher system |
JP5206024B2 (en) * | 2008-02-28 | 2013-06-12 | 富士通株式会社 | Image decryption device, image encryption device, image decryption method, and image decryption program |
-
2010
- 2010-04-08 EP EP10159372A patent/EP2375622A1/en not_active Withdrawn
-
2011
- 2011-03-18 AU AU2011201232A patent/AU2011201232B2/en active Active
- 2011-03-23 CA CA2734929A patent/CA2734929C/en active Active
- 2011-03-29 TW TW100110794A patent/TWI523436B/en active
- 2011-03-31 EP EP11160568.9A patent/EP2375623B1/en active Active
- 2011-03-31 US US13/077,195 patent/US8355500B2/en active Active
- 2011-04-06 JP JP2011084293A patent/JP5778459B2/en active Active
- 2011-04-06 CN CN201110093716.7A patent/CN102215105B/en active Active
- 2011-04-07 RU RU2011113233/07A patent/RU2011113233A/en not_active Application Discontinuation
- 2011-04-08 MX MX2011003868A patent/MX2011003868A/en active IP Right Grant
- 2011-04-08 KR KR1020110032695A patent/KR101845554B1/en active IP Right Grant
- 2011-11-22 HK HK11112639.9A patent/HK1158409A1/en unknown
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7647615B1 (en) * | 1998-05-04 | 2010-01-12 | Motorola, Inc. | Method and system for distributing digital audio and video to an analog wireless device |
US20010021252A1 (en) | 1998-10-28 | 2001-09-13 | L-3 Communications Corporation | Encryption and authentication methods and apparatus for securing telephone communications |
US7545929B1 (en) | 2002-10-25 | 2009-06-09 | Lockheed Martin Corporation | Analog encryption |
WO2007120006A1 (en) | 2006-04-18 | 2007-10-25 | Prestige Corp. | Method and apparatus for voice signal encryption/decryption |
Non-Patent Citations (1)
Title |
---|
ALLEN GERSHO: "Perfect Secrecy Encryption of A.nalog Signals", IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, IEEE SERVICE CENTER, PISCATAWAY, US, vol. Sac-2, no. 3, 1 May 1984 (1984-05-01), pages 460 - 466, XP007914616, ISSN: 0733-8716 * |
Also Published As
Publication number | Publication date |
---|---|
TW201203870A (en) | 2012-01-16 |
TWI523436B (en) | 2016-02-21 |
AU2011201232A1 (en) | 2011-10-27 |
RU2011113233A (en) | 2012-10-20 |
EP2375623A1 (en) | 2011-10-12 |
BRPI1101873A2 (en) | 2014-04-15 |
AU2011201232B2 (en) | 2013-11-28 |
KR20110113155A (en) | 2011-10-14 |
US8355500B2 (en) | 2013-01-15 |
US20110249814A1 (en) | 2011-10-13 |
CN102215105A (en) | 2011-10-12 |
CN102215105B (en) | 2014-09-10 |
JP5778459B2 (en) | 2015-09-16 |
MX2011003868A (en) | 2011-10-28 |
KR101845554B1 (en) | 2018-05-18 |
HK1158409A1 (en) | 2012-07-13 |
CA2734929C (en) | 2017-03-14 |
JP2011223577A (en) | 2011-11-04 |
EP2375623B1 (en) | 2013-07-24 |
CA2734929A1 (en) | 2011-10-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP0615361B1 (en) | System and method for high speed encryption using multiple keystream generator | |
EP3503460A1 (en) | System and method for boolean masked arithmetic addition | |
US8522052B1 (en) | Method and integrated circuit for secure encryption and decryption | |
Arul Murugan et al. | FPGA implementation of hardware architecture with AES encryptor using sub-pipelined S-box techniques for compact applications | |
JP2005215688A (en) | Hardware encryption/decryption apparatus using s-box operation, and method for the same | |
EP2375623B1 (en) | A device and a method for performing a digital cryptographic function | |
AU2003257891A1 (en) | Data Encryption Method | |
Mahmood et al. | MATLAB Implementation of 128-key length SAFER+ Cipher System | |
Mohammed | Implementation of Simplified Data Encryption Standard on FPGA using VHDL | |
Tun et al. | Message Security using One Time Pad and AES Hybrid Cryptography | |
KR100965874B1 (en) | Apparatus and method for encrypting/decrypting cipher key chaining | |
Pramila et al. | Physical Unclonable Design for Key Generation for AES Encryption Algorithm | |
Hulle et al. | High Performance Architecture for LILI-II Stream Cipher | |
Chaudhari et al. | VHDL Implementation of IDEA Architectures | |
Gandhi et al. | Encryption of data streams using Pauli spin ½ matrices and Finite state machine | |
Mandal et al. | Securing Message using Recursive Modulo-2 and Key Rotation Operation (RMRO) | |
BABU et al. | Implementation of Area and Cost Effective Security-Enabled Flexible Architecture Supporting Symmetric Cryptography | |
Nuthan et al. | Development of Randomized Hybrid Cryptosystem Using Public and Private Keys | |
BRPI1101873B1 (en) | DEVICE AND METHOD FOR EXECUTING A CRYPTOGRAPHIC FUNCTION | |
REDDY et al. | Implementation of Security-Enabled Flexible Architecture with Symmetric Cryptography | |
UPENDRACHARY et al. | Least Complex S-Box and Its Fault Detection for Robust Advanced Encryption Standard Algorithm | |
YASMEEN et al. | Implementation of the Advanced Encryption Standard Algorithm | |
Patel et al. | To implement cryptographic model for secure communication on FPGA using 32-bit ALU unit | |
NAGARJUNA et al. | A Viable Implementation of Security-Enabled Flexible Architecture with Symmetric Cryptography | |
Alla et al. | REALIZATION OF SECURITY-ENABLED COMMUNICATION WITH LOW COST FLEXIBLE ARCHITECTURE SUPPORTING SYMMETRIC CRYPTOGRAPHY |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: AL BA ME RS |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20120430 |